feature/symfony-8-support

.github/workflows/running_the_tests.yml

@@ -21,7 +21,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        php-version: ['8.2', '8.3', '8.4', '8.5']
+        php-version: ['8.4', '8.5']
 
     steps:
     - uses: shivammathur/setup-php@v2

composer.json

@@ -9,17 +9,17 @@
     "oauth2-keycloak"
   ],
   "require": {
-    "php": ">=8.2",
-    "stevenmaguire/oauth2-keycloak": "^5.1",
-    "symfony/routing": "^6.4 || ^7.2 || ^8.0",
-    "symfony/security-bundle": "^6.4 || ^7.2 || ^8.0",
-    "symfony/http-kernel": "^6.4 || ^7.2 || ^8.0",
-    "symfony/framework-bundle": "^6.4 || ^7.2 || ^8.0",
-    "symfony/serializer-pack": "^1.3"
+    "php": ">=8.4",
+    "stevenmaguire/oauth2-keycloak": "^6.1",
+    "symfony/routing": "^6.4 || ^7.4 || ^8.0",
+    "symfony/security-bundle": "^6.4 || ^7.4 || ^8.0",
+    "symfony/http-kernel": "^6.4 || ^7.4 || ^8.0",
+    "symfony/framework-bundle": "^6.4 || ^7.4 || ^8.0",
+    "symfony/serializer-pack": "^1.4"
   },
   "require-dev": {
-    "friendsofphp/php-cs-fixer": "^3.75",
-    "phpunit/phpunit": "^11.2",
+    "friendsofphp/php-cs-fixer": "^3.94",
+    "phpunit/phpunit": "^13.0",
     "mockery/mockery": "^1.6",
     "phpstan/phpstan": "^2.1"
   },

phpunit.xml.dist

@@ -1,14 +1,14 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!-- https://phpunit.readthedocs.io/en/latest/configuration.html -->
-<phpunit xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="https://schema.phpunit.de/10.3/phpunit.xsd" backupGlobals="false" bootstrap="tests/bootstrap.php" colors="true" cacheDirectory=".phpunit.cache">
+<phpunit xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="https://schema.phpunit.de/13.0/phpunit.xsd" backupGlobals="false" bootstrap="tests/bootstrap.php" colors="true" cacheDirectory=".phpunit.cache">
   <php>
     <ini name="display_errors" value="1"/>
     <ini name="error_reporting" value="-1"/>
     <server name="APP_ENV" value="test" force="true"/>
     <server name="KERNEL_CLASS" value="App\Kernel"/>
     <server name="SHELL_VERBOSITY" value="-1"/>
     <server name="SYMFONY_PHPUNIT_REMOVE" value=""/>
-    <server name="SYMFONY_PHPUNIT_VERSION" value="9.5"/>
+    <server name="SYMFONY_PHPUNIT_VERSION" value="13.0"/>
     <server name="SYMFONY_DEPRECATIONS_HELPER" value="disabled"/>
   </php>
   <testsuites>

src/Provider/KeycloakClient.php

@@ -49,7 +49,8 @@ public function __construct(
             }
             if ('' !== $this->encryption_key) {
                 $this->keycloakProvider->setEncryptionKey($this->encryption_key);
-            } elseif ('' !== $this->encryption_key_path) {
+            }
+            elseif ('' !== $this->encryption_key_path) {
                 $this->keycloakProvider->setEncryptionKeyPath($this->encryption_key_path);
             }
         }

src/Representation/Collection/Collection.php

@@ -58,9 +58,9 @@ public function add(Representation $representation): void
         if (!$representation instanceof $expectedClass) {
             throw new \InvalidArgumentException(sprintf(
                 '%s expects items to be %s representation, %s given',
-                (new \ReflectionClass(static::class))->getShortName(),
-                (new \ReflectionClass($expectedClass))->getShortName(),
-                (new \ReflectionClass($representation))->getShortName()
+                new \ReflectionClass(static::class)->getShortName(),
+                new \ReflectionClass($expectedClass)->getShortName(),
+                new \ReflectionClass($representation)->getShortName()
             ));
         }
 

src/Representation/Composites.php

@@ -4,12 +4,13 @@
 
 namespace Mainick\KeycloakClientBundle\Representation;
 
+use Mainick\KeycloakClientBundle\Representation\Collection\RealmCollection;
 use Mainick\KeycloakClientBundle\Representation\Type\Map;
 
 final class Composites extends Representation
 {
     public function __construct(
-        public ?RealCollection $realm = null,
+        public ?RealmCollection $realm = null,
         public ?Map $client = null,
         public ?Map $application = null,
     ) {

src/Representation/GroupRepresentation.php

@@ -6,7 +6,6 @@
 
 use Mainick\KeycloakClientBundle\Annotation\Since;
 use Mainick\KeycloakClientBundle\Representation\Collection\GroupCollection;
-use Mainick\KeycloakClientBundle\Representation\Representation;
 use Mainick\KeycloakClientBundle\Representation\Type\Map;
 
 final class GroupRepresentation extends Representation
@@ -15,10 +14,8 @@ public function __construct(
         public ?string $id = null,
         public ?string $name = null,
         public ?string $path = null,
-        #[Since('23.0.0')]
-        public ?string $parentId = null,
-        #[Since('23.0.0')]
-        public ?int $subGroupCount = null,
+        #[Since('23.0.0')] public ?string $parentId = null,
+        #[Since('23.0.0')] public ?int $subGroupCount = null,
         public ?GroupCollection $subGroups = null,
         public ?Map $attributes = null,
         /** @var string[]|null */

src/Representation/RealmRepresentation.php

@@ -58,11 +58,9 @@ public function __construct(
         public ?bool $realmCacheEnabled = null,
         public ?bool $bruteForceProtected = null,
         public ?bool $permanentLockout = null,
-        #[Since('24.0.0')]
-        public ?int $maxTemporaryLockouts = null,
+        #[Since('24.0.0')] public ?int $maxTemporaryLockouts = null,
         public ?int $maxFailureWaitSeconds = null,
-        #[Since('24.0.0')]
-        public ?int $minimumQuickLoginWaitSeconds = null,
+        #[Since('24.0.0')] public ?int $minimumQuickLoginWaitSeconds = null,
         public ?int $waitIncrementSeconds = null,
         public ?int $quickLoginCheckMilliSeconds = null,
         public ?int $maxDeltaTimeSeconds = null,
@@ -88,8 +86,7 @@ public function __construct(
         public ?int $otpPolicyDigits = null,
         public ?int $otpPolicyLookAheadWindow = null,
         public ?int $otpPolicyPeriod = null,
-        #[Since('20.0.0')]
-        public ?bool $otpPolicyCodeReusable = null,
+        #[Since('20.0.0')] public ?bool $otpPolicyCodeReusable = null,
         /** @var string[]|null */
         public ?array $otpSupportedApplications = null,
         public ?string $webAuthnPolicyRpEntityName = null,
@@ -105,8 +102,7 @@ public function __construct(
         /** @var string[]|null */
         public ?array $webAuthnPolicyAcceptableAaguids = null,
         /** @var string[]|null */
-        #[Since('23.0.0')]
-        public ?array $webAuthnPolicyExtraOrigins = null,
+        #[Since('23.0.0')] public ?array $webAuthnPolicyExtraOrigins = null,
         public ?string $webAuthnPolicyPasswordlessRpEntityName = null,
         /** @var string[]|null */
         public ?array $webAuthnPolicyPasswordlessSignatureAlgorithms = null,
@@ -120,8 +116,7 @@ public function __construct(
         /** @var string[]|null */
         public ?array $webAuthnPolicyPasswordlessAcceptableAaguids = null,
         /** @var string[]|null */
-        #[Since('23.0.0')]
-        public ?array $webAuthnPolicyPasswordlessExtraOrigins = null,
+        #[Since('23.0.0')] public ?array $webAuthnPolicyPasswordlessExtraOrigins = null,
         //public ?ClientProfiles $clientProfiles = null,
         //public ?ClientPolicies $clientPolicies = null,
         public ?UserCollection $users = null,
@@ -167,39 +162,30 @@ public function __construct(
         public ?string $resetCredentialsFlow = null,
         public ?string $clientAuthenticationFlow = null,
         public ?string $dockerAuthenticationFlow = null,
-        #[Since('24.0.0')]
-        public ?string $firstBrokerLoginFlow = null,
+        #[Since('24.0.0')] public ?string $firstBrokerLoginFlow = null,
         public ?Map $attributes = null,
         public ?string $keycloakVersion = null,
         public ?bool $userManagedAccessAllowed = null,
 //        #[Since('25.0.0')]
 //        public ?bool $organizationsEnabled = null,
 //        #[Since('25.0.0')]
 //        public ?OrganizationCollection $organizations = null,
-        #[Since('25.0.0')]
-        public ?bool $verifiableCredentialsEnabled = null,
-        #[Since('25.0.0')]
-        public ?bool $adminPermissionsEnabled = null,
-        #[Since('25.0.0')]
-        public ?bool $social = null,
-        #[Since('25.0.0')]
-        public ?bool $updateProfileOnInitialSocialLogin = null,
-        /** @var string[]|null */
-        #[Since('25.0.0')]
-        public ?array $socialProviders = null,
-        /** @var string[]|null */
-        #[Since('25.0.0')]
-        public ?array $applicationScopeMappings = null,
+        #[Since('25.0.0')] public ?bool $verifiableCredentialsEnabled = null,
+        #[Since('25.0.0')] public ?bool $adminPermissionsEnabled = null,
+        #[Since('25.0.0')] public ?bool $social = null,
+        #[Since('25.0.0')] public ?bool $updateProfileOnInitialSocialLogin = null,
+        /** @var string[]|null */
+        #[Since('25.0.0')] public ?array $socialProviders = null,
+        /** @var string[]|null */
+        #[Since('25.0.0')] public ?array $applicationScopeMappings = null,
 //        #[Since('25.0.0')]
 //        public ?ApplicationRepresentation $application = null,
 //        #[Since('25.0.0')]
 //        public ?OAuthClientRepresentation $oauthClients = null,
 //        #[Since('25.0.0')]
 //        public ?ClientTemplateRepresentation $clientTemplates = null,
-        #[Since('25.0.0')]
-        public ?int $oAuth2DeviceCodeLifespan = null,
-        #[Since('25.0.0')]
-        public ?int $oAuth2DevicePollingInterval = null,
+        #[Since('25.0.0')] public ?int $oAuth2DeviceCodeLifespan = null,
+        #[Since('25.0.0')] public ?int $oAuth2DevicePollingInterval = null,
     ) {
     }
 }

src/Representation/Representation.php

@@ -12,7 +12,7 @@ abstract class Representation implements \JsonSerializable
     abstract public function __construct();
 
     /**
-     * @param array $properties
+     * @param array<string, mixed> $properties
      * @return static
      * @throws PropertyDoesNotExistException
      */
@@ -33,13 +33,13 @@ final public static function from(array $properties): static
      */
     public static function fromJson(string $json): static
     {
-        return static::from((new JsonEncoder())->decode($json, JsonEncoder::FORMAT));
+        return static::from(new JsonEncoder()->decode($json, JsonEncoder::FORMAT));
     }
 
     final public function jsonSerialize(): array
     {
         $serializable = [];
-        $reflectedClass = (new \ReflectionClass($this));
+        $reflectedClass = new \ReflectionClass($this);
         $properties = $reflectedClass->getProperties(\ReflectionProperty::IS_PUBLIC);
         foreach ($properties as $property) {
             $serializable[$property->getName()] = ($property->getValue($this) instanceof \JsonSerializable)

src/Representation/Type/Map.php

@@ -9,9 +9,9 @@
 /**
  * @template T
  *
- * @implements \JsonSerializable<T>
+ * @implements \IteratorAggregate<T>
  */
-class Map extends Type implements \Countable, \IteratorAggregate
+class Map extends Type implements \Countable, \IteratorAggregate, \JsonSerializable
 {
     /**
      * @param array<string, T> $data
@@ -56,6 +56,10 @@ public function get(string $key): mixed
         return $this->data[$key];
     }
 
+    /**
+     * @param T $value
+     * @return Map<T>
+     */
     public function with(string $key, mixed $value): self
     {
         $clone = clone $this;
@@ -64,6 +68,9 @@ public function with(string $key, mixed $value): self
         return $clone;
     }
 
+    /**
+     * @return Map<T>
+     */
     public function without(string $key): self
     {
         $clone = clone $this;

src/Representation/UPAttribute.php

@@ -4,7 +4,6 @@
 
 namespace Mainick\KeycloakClientBundle\Representation;
 
-use Mainick\KeycloakClientBundle\Representation\Representation;
 use Mainick\KeycloakClientBundle\Representation\Type\Map;
 
 final class UPAttribute extends Representation
@@ -19,6 +18,6 @@ public function __construct(
         public ?UPAttributeSelector $selector = null,
         public ?string $group = null,
         public ?bool $multivalued = null,
-    ){
+    ) {
     }
 }

src/Representation/UPConfig.php

@@ -6,7 +6,6 @@
 
 use Mainick\KeycloakClientBundle\Representation\Collection\UPAttributeCollection;
 use Mainick\KeycloakClientBundle\Representation\Collection\UPGroupCollection;
-use Mainick\KeycloakClientBundle\Representation\Representation;
 
 final class UPConfig extends Representation
 {

src/Representation/UPGroup.php

@@ -4,7 +4,6 @@
 
 namespace Mainick\KeycloakClientBundle\Representation;
 
-use Mainick\KeycloakClientBundle\Representation\Representation;
 use Mainick\KeycloakClientBundle\Representation\Type\Map;
 
 final class UPGroup extends Representation

src/Representation/UserConsentRepresentation.php

@@ -4,8 +4,6 @@
 
 namespace Mainick\KeycloakClientBundle\Representation;
 
-use Mainick\KeycloakClientBundle\Representation\Representation;
-
 class UserConsentRepresentation extends Representation
 {
     public function __construct(

src/Representation/UserProfileAttributeGroupMetadata.php

@@ -4,7 +4,6 @@
 
 namespace Mainick\KeycloakClientBundle\Representation;
 
-use Mainick\KeycloakClientBundle\Representation\Representation;
 use Mainick\KeycloakClientBundle\Representation\Type\Map;
 
 final class UserProfileAttributeGroupMetadata extends Representation

src/Representation/UserProfileAttributeMetadata.php

@@ -4,7 +4,6 @@
 
 namespace Mainick\KeycloakClientBundle\Representation;
 
-use Mainick\KeycloakClientBundle\Representation\Representation;
 use Mainick\KeycloakClientBundle\Representation\Type\Map;
 
 final class UserProfileAttributeMetadata extends Representation

src/Representation/UserProfileMetadata.php

@@ -6,7 +6,6 @@
 
 use Mainick\KeycloakClientBundle\Representation\Collection\UserProfileAttributeGroupMetadataCollection;
 use Mainick\KeycloakClientBundle\Representation\Collection\UserProfileAttributeMetadataCollection;
-use Mainick\KeycloakClientBundle\Representation\Representation;
 
 final class UserProfileMetadata extends Representation
 {

src/Representation/UserSessionRepresentation.php

@@ -4,7 +4,6 @@
 
 namespace Mainick\KeycloakClientBundle\Representation;
 
-use Mainick\KeycloakClientBundle\Representation\Representation;
 use Mainick\KeycloakClientBundle\Representation\Type\Map;
 
 final class UserSessionRepresentation extends Representation

src/Security/Authenticator/KeycloakAuthenticator.php

@@ -53,8 +53,11 @@ public function authenticate(Request $request): Passport
         catch (IdentityProviderException $e) {
             throw new AuthenticationException(sprintf('Error authenticating code grant (%s)', $e->getMessage()), previous: $e);
         }
+        catch (ClientException $e) {
+            throw new AuthenticationException(sprintf('Bad status code returned by openID server (%s)', $e->getResponse()->getStatusCode()), previous: $e);
+        }
         catch (\Exception $e) {
-            throw new AuthenticationException(sprintf('Bad status code returned by openID server (%s)', $e->getStatusCode()), previous: $e);
+            throw new AuthenticationException(sprintf('Unexpected error occurred (%s)', $e->getMessage()), previous: $e);
         }
 
         if (!$accessToken || !$accessToken->getToken()) {
@@ -81,10 +84,10 @@ public function onAuthenticationSuccess(Request $request, TokenInterface $token,
 
     public function onAuthenticationFailure(Request $request, AuthenticationException $exception): ?Response
     {
-        $request->getSession()->getBag('flashes')->add(
-            'error',
-            'An authentication error occured',
-        );
+        $errors = [
+            'error' => 'An authentication error occured',
+        ];
+        $request->getSession()->getBag('flashes')->clear()->initialize($errors);
 
         // $message = strtr($exception->getMessageKey(), $exception->getMessageData());
         return new Response('Authentication failed', Response::HTTP_FORBIDDEN);

src/Security/EntryPoint/KeycloakAuthenticationEntryPoint.php

@@ -39,10 +39,13 @@ public function start(Request $request, ?AuthenticationException $authException
         if ($request->hasSession()) {
             $request->getSession()->set(KeycloakAuthorizationCodeEnum::LOGIN_REFERRER, $request->getUri());
 
-            $request->getSession()->getBag('flashes')->add(
-                'info',
-                'Please log in to access this page',
-            );
+            $info = [
+                'info' => 'Please log in to access this page',
+            ];
+
+            $flashes = $request->getSession()->getBag('flashes');
+            $flashes->clear();
+            $flashes->initialize($info);
         }
 
         $this->keycloakClientLogger?->info('KeycloakAuthenticationEntryPoint::start', [